SQL Injection Vulnerability in Foreman Dashboard Controller

SQL Injection Vulnerability in Foreman Dashboard Controller

CVE-2018-1096 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

An input sanitization flaw was found in the id field in the dashboard controller of Foreman before 1.16.1. A user could use this flaw to perform an SQL injection attack on the back end database.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.